HOW TO MEET THE THREAT FROM CHINA’S ARMY OF CYBER GUERRILLAS

Fox News on June 6, 2013, published an article by Gary J. Schmitt on how to meet the Chinese cyber threat… Excerpts below:

According to U.S. counterintelligence officials, billions upon billions of dollars worth of information has been “lifted” out of American computers and servers in recent years.

In fact, only last week, newspapers were reporting that an internal Defense Department review had concluded that China had used cyber attacks to gather data on more than three dozen key U.S. military programs, including the country’s most advanced missile defense systems, naval warships and even the F-35 Joint Strike Fighter—the stealthy, fifth-generation jet that will be the backbone of the American military’s ability to sustain air superiority in the decades ahead.

To stem the tide of harmful cyber attacks by the Chinese there has to be a cyber response on America’s part that deters continued cyber aggression.

As one might expect, the Chinese government has denied any complicity in these attacks. And it is doubtful, given how successful Chinese efforts have been, that even “blunt” talk by the president to the new Chinese leader, will have much effect on Chinese practices.

The reality is, the Chinese government is engaged in a form of warfare—new to be sure in its technological aspects but not new in the sense that cyber attacks harm our relative military strength and damage the property (intellectual and proprietary) of citizens and companies alike.

So far, the American government’s response has largely been defensive, either talking to the Chinese about establishing new, agreed-upon “rules of road” for cyberspace or working assiduously to perfect new security walls to protect government and key private sector computer systems.

—

…those on the offensive side of the computer screen–that is, those hacking into or compromising computer systems–have the advantage over those on the defensive side who are trying to keep systems secure. Walls have always been breached and codes broken.

Moreover, attempts to beef up security are complicated by the fact that our own cyber warriors are undoubtedly reluctant to provide those charged with protecting systems here at home with the latest in their own capabilities.

…to stem the tide of harmful cyber attacks by the Chinese (or, for that matter, Iran, Russia or North Korea), there has to be a cyber response on America’s part that deters continued cyber aggression.

Reprisals that are proportionate, in self-defense and designed to stop others from such behavior falls well within the bounds of international law as traditionally understood.

—

The U.S. government has always understood that it has an affirmative duty to protect the lives and property of its citizens from foreign aggression and, in times both past and current, this has meant using American military might.

That need not be the case here, however. Indeed, one advantage of the cyber realm is the wide variety of options it offers up for reprisal that can inflict economic harm without causing loss of life or limb.

The good news is that the U.S. government has been gradually beefing up its offensive cyber capabilities.

Indeed, a little over a month ago in open testimony before the House Armed Services Committee, Gen. Alexander said that he created thirteen new teams that would go on the offensive if the nation were hit by a major cyber attack.

…new reports coming out of the Pentagon indicate that the Joint Chiefs would like to empower geographic combatant commanders to counter cyber attacks with offensive cyber operations of their own.

These are necessary steps if we hope to create a deterrent to Chinese cyber aggression; however, they are not sufficient.

The threat posed by China’s army of cyber “guerrillas” is constant, is directed at both the U.S. government and the private sector, and ranges from the annoying to the deadly serious.

A truly adequate response would require meeting the Chinese challenge on all these fronts.

Gary Schmitt co-directs the Marilyn War Center for Security Studies at the American Enterprise Institute.